VYPR

Vendor CVEs

Siemens Foundation

All CVEs

2,020 total · sorted by risk
  • CVE-2021-41533Sep 28, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this…

  • CVE-2021-40357Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.10), Teamcenter Active Workspace V5.0 (All versions < V5.0.8), Teamcenter Active Workspace V5.1 (All versions < V5.1.5), Teamcenter Active Workspace V5.2 (All versions < V5.2.1). A path…

  • CVE-2021-40356Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The application contains a XML External Entity Injection…

  • CVE-2021-40355Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The affected application contains Insecure Direct Object…

  • CVE-2021-40354Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The "surrogate" functionality on the user profile of the…

  • CVE-2021-37206Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpackets are not properly…

  • CVE-2021-37203Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the end of an allocated…

  • CVE-2021-37202Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The IFC adapter in affected application contains a use-after-free vulnerability that could be triggered while parsing user-supplied IFC files. An attacker…

  • CVE-2021-37201Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-Site Request Forgery (CSRF) attack. This could allow an attacker to manipulate the SINEC NMS configuration by tricking an unsuspecting user…

  • CVE-2021-37200Sep 14, 2021
    risk 0.00cvss epss 0.40

    A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request.

  • CVE-2021-37193Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could manipulate certain parameters and set a valid user of the affected software as invalid (or vice-versa).

  • CVE-2021-37192Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve a list of network devices a known user can manage.

  • CVE-2021-37190Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information disclosure vulnerability that could allow an attacker to retrieve VPN connection for a known user.

  • CVE-2021-37191Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same network of the affected system could brute force the usernames from the affected software.

  • CVE-2021-37186Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C (All versions <…

  • CVE-2021-37184Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.

  • CVE-2021-37183Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending send-to-sleep notifications to the managed devices. An unauthenticated attacker in the same network of the affected system can abuse these…

  • CVE-2021-37181Sep 14, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All versions), Cerberus DMS V4.2 (All versions), Cerberus DMS V5.0 (All versions < v5.0 QU1), Desigo CC Compact V4.0 (All versions), Desigo CC Compact V4.1 (All versions), Desigo CC…

  • CVE-2021-37177Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients managed by the affected software can be manipulated by an unauthenticated attacker in the same network of the affected system.

  • CVE-2021-37176Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). The femap.exe application lacks proper validation of user-supplied data when parsing modfem files. This could result in an out of bounds read past the end of an…

  • CVE-2021-37175Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1),…

  • CVE-2021-37174Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1),…

  • CVE-2021-37173Sep 14, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1),…

  • CVE-2021-33737Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 Lean (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1…

  • CVE-2021-33720Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port…

  • CVE-2021-33719Sep 14, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Specially crafted packets sent to port…

  • CVE-2021-33716Sep 14, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SIMATIC CP 1543-1 (incl. SIPLUS variants) (All versions < V3.0), SIMATIC CP 1545-1 (All versions < V1.1). An attacker with access to the subnet of the affected device could retrieve sensitive information stored in cleartext.

  • CVE-2021-31891Sep 14, 2021
    risk 0.00cvss epss 0.04

    A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS…

  • CVE-2021-27391Sep 14, 2021
    risk 0.00cvss epss 0.03

    A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >= V2.8), APOGEE PXC…

  • CVE-2021-25665Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2021.2.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write past the end of an allocated structure.…

  • CVE-2019-10941Sep 14, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SINEMA Server (All versions < V14 SP3). Missing authentication for functionality that requires administrative user identity could allow an attacker to obtain encoded system configuration backup files. This is only possible through network…

  • CVE-2021-31338Aug 19, 2021
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.0 SP1). Affected devices allow to modify configuration settings over an unauthenticated channel. This could allow a local attacker to escalate privileges and execute own code on the device.

  • CVE-2021-37180Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this…

  • CVE-2021-37179Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library in affected application lacks proper validation while parsing user-supplied OBJ files that could lead to a use-after-free condition. An attacker could leverage this…

  • CVE-2021-37172Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V13 or later versions to…

  • CVE-2021-37178Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted…

  • CVE-2021-33738Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an…

  • CVE-2021-33721Aug 10, 2021
    risk 0.00cvss epss 0.03

    A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges…

  • CVE-2021-33717Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in JT2Go (All versions < V13.2.0.1), Teamcenter Visualization (All versions < V13.2.0.1). When parsing specially crafted CGM Files, a NULL pointer deference condition could cause the application to crash. The application must be restarted to…

  • CVE-2021-25659Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such…

  • CVE-2020-28397Aug 10, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl.…

  • CVE-2021-34332Jul 13, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in…

  • CVE-2021-34333Jul 13, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. A malformed input file could result in…

  • CVE-2021-34331Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds write…

  • CVE-2021-34330Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when…

  • CVE-2021-34329Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when…

  • CVE-2021-34328Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when…

  • CVE-2021-34327Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when…

  • CVE-2021-34326Jul 13, 2021
    risk 0.00cvss epss 0.02

    A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when…

  • CVE-2021-34325Jul 13, 2021
    risk 0.00cvss epss 0.01

    A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read…

Page 30 of 41